Hackers And Hoaxes
Everyone who has an ISP, understands, or at least knows about
how hackers use viruses, Trojans and other web nasties, to
infect and mess up your computer. No headline news there.
(Unfortunately, we still don't understand why they do it, or at
least I don't.) But hackers don't have to write malicious code
or hijack your browser to do some serious damage to your system.
Oh no... A well written email with no attachments, can do the
trick. They only have to start a rumor.
Hackers can easily manipulate you into trashing your own
computer. All they have to do is begin a hoax.
What do I mean by that? Let me explain.
Have you ever gotten emails from people you know that say
something like: Scan your hard drive for such and such a file!
If you find it delete it immediately! Pass this on. Warn
everyone you know!
These emails are originally generated by a hacker and spread
throughout the Internet to get you to delete files you need,
thus creating havoc for your system. They are hoaxes.
Hoaxes work incredibly well for getting average people
to cause their own computers to malfunction. the hacker doesn't
have to spend any time creating malicious code and a method of
distribution, all they have to do is play on the human tendency
for hysteria; send out a warning that something evil is
spreading, and if you find it on your computer, get rid of it!
Recently I was tracking a thread on a forum, where the
moderator warned everyone about a file that he found on his
system that was a keylogger. (A keylogger is a
malicious program designed to track your every move through
monitoring your keystrokes.) He warned everyone to search
for a file, ans2000.ini and, "delete the booger."
I scan my system every day, with several different virus/
spyware programs, and I never picked up this file with any of
them, so I decided to do a Windows Explorer search for it. Sure
enough, I found it on my hard drive. Oh My God!
Before hitting the delete key though, I looked it up on the
web. I Googled the specific file and found quite a bit of
information on it. The file ans2000.ini is used in the
keylogger program known as ProBot SE. However, it is also
used in many other legitimate programs as well. Ok, so
now what do I do?
Well, I contacted my go-to guy, Jim Gray, owner of Quikonnex,
and asked him what his thoughts were. He told me to open the ini
file, in Notepad, and read it. Sure enough, this file did have
an association to another program on my system. It is part of ActivEbook Compiler. It was right there in
print, at the top of the file.
Now had I just freaked out when I found the file, and deleted
the booger, I would've trashed my ebook compiler, making it
useless to me. Two points for the hacker who started the
hoax!
Hoaxes are just as dangerous as live viruses, because
they inspire you to destroy your own programs. I am sure they
are a particular kick for the one starting the hoax, as
they are getting you to do bad things to your own system. Fear
is a powerful motivator, and hoaxes, by design, are
created to cause panic and fear in the less experienced Internet
traveler.
So, before going and deleting files from your hard drive, go
check them out. Do a search for them and read the information
you find. Don't just go deleting things without learning about
them first, or you just may end up cutting your own throat. And,
NEVER forward these types of warning emails to others until you
know for a fact that the information is correct, or you're
likely to have your friends and family after you for
misinforming them.
Resources for validating virus/ hoax information:
http://vil.mcafee.com/hoax.asp
http://www.vmyths.com/
http://www.symantec.com/avcenter/hoax.html
http://www.f-secure.com/virus-info/hoax/
Copyright